This is where the overall category of email security is going. In our view, email security includes both security of the sent emails themselves and security of the enterprise from rogue incoming emails. While there still are independent email security platforms, the inclusion of full functionality in the gateway is becoming commonplace.
There is no predefined functionality for email content management products, but you can bet that they will contain some sort of anti-malware functionality, as well as spam filtering. Beyond that - and, perhaps, as part of that - you can expect such things as email firewalls. We saw just about every form of protection in this month's crop of products. Moreover, we are beginning to see traditional web content management bundled in with the email tools.
At least one blogger contends that 80 percent of the content management market is email. That makes sense on the surface since email is arguably the most pervasive organizational internet-related function. However, it is quite difficult to separate email content from web content. Phishing, rogue HTML email content and malware effectively bridge the gap between the web and email content.
First, the dangers on the web are pretty much the same as those for email - with the exception of spam, which is unique to email of course. So, when we think of email content management functionality we should also think about the web, and then add spam as a threat to be managed.
The Association for Information and Image Management has an excellent take on the issue. It views the whole kit and kaboodle as enterprise content management (ECM). The group defines ECM in terms of all of the unstructured content in the enterprise. If one takes that view, this can be subdivided into two general classes: wanted and unwanted content. Unwanted content may include that which is undesirable - pornography, hate mongering and more - and that which is dangerous - malware, spam and the like.
Managing the unwanted content requires identifying and eliminating it from the enterprise, either through some sort of filtering or some type of removal technique. Filtering that keeps this content out of the enterprise in the first place is, of course, the more desirable of the two options.
That brings us back to email content management. This is focused almost exclusively on prevention through some form of filtering. The content management is no more effective than the filtering, and the filtering is no more effective than the policies that drive it. So, capability in email content management comes down to policies and rule sets. In today's products, policy engines are becoming quite sophisticated. Back in the "good" old days, one had to write policies from scratch. Then regular expressions (regex) came along and, finally, drag-and-drop menu choices that could be used to build up policy one piece at a time. Throw in a bit of regex, and you've got the best of both worlds. For email firewalls, we get the most comprehensive and easy-to-manage rule sets - if we treat them just as if they were a regular network firewall's rules.
How to buy
Start with the form factor that fits your enterprise best. We saw a combination of software products (those that install on a server platform, such as MS Server 2008), virtual appliances (those that install from scratch either on hardware or on a virtual system), and hardware appliances. Your next step is to look at what similar functionality already exists in your enterprise. Do you need both content management and email security or can you separate the two?
Once you have laid the groundwork, consider what functionality you will need - i.e., are you already using an anti-spam gateway or service?
As always, understand your environment, your requirements and the unmanaged threats against your enterprise, and then browse through this month's offerings.
Mike Stephenson contributed to this Group Test.